Many Android devices vulnerable to session hijacking through the default browser
The default browser in Android versions older than 4.4 has a vulnerability that allows malicious websites to bypass a critical security mechanism and take control of a user's authenticated sessions on other sites.
Read more: Many Android devices vulnerable to session hijacking through the default browser
Story added 16. September 2014, content source with full text you can find at link above.